
Mastering JavaScript Single Page Application Development by John Moore, Philip Klauzinski


Securing Express

Authentication is perhaps the most important, and one of the trickier, topics with regard to securing a web application from the front. Certainly, there are lots of different threat vectors.

Helmet

One of the easiest things we can do to secure our Express application is to install and use the security middleware called Helmet. Helmet adds a number of security headers and policies, and helps prevent some attacks, such as clickjacking.

It does most of this under the covers, without the need for configuration on our part. For more detailed information, and to find alternative ways to configure it.

To get started with Helmet, first install it using npm:

$ npm install helmet --save
helmet@1.1.0 node_modules/helmet
|- nocache@1.0.0
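
Once Helmet is installed and wired into the application, it is worth confirming that responses really carry the headers it is supposed to add. The following is an added example, not code from the book or from Helmet: a dependency-free check over a response's headers (for example, the object returned by Node's res.getHeaders()). The function names, finding labels, the set of headers checked and the sample header objects are assumptions made for illustration.

```javascript
// Added example: audit response headers for protections this section attributes
// to Helmet. The list of checks is an assumption about a typical
// Helmet-protected Express app, not read from Helmet's source.

// Parse a Content-Security-Policy value into { directive: [values] }.
function parseCsp(value) {
  const directives = {};
  for (const part of String(value || '').split(';')) {
    const [name, ...values] = part.trim().split(/\s+/);
    if (name) directives[name.toLowerCase()] = values;
  }
  return directives;
}

// headers: plain object of response headers; names are matched case-insensitively.
// Returns a list of finding labels (hypothetical names); empty means all checks passed.
function auditSecurityHeaders(headers) {
  const h = {};
  for (const [k, v] of Object.entries(headers)) h[k.toLowerCase()] = String(v).trim();
  const findings = [];

  // Clickjacking: expect X-Frame-Options DENY/SAMEORIGIN, or a CSP
  // frame-ancestors directive. A wildcard source is treated as unrestricted.
  const xfo = (h['x-frame-options'] || '').toUpperCase();
  const ancestors = parseCsp(h['content-security-policy'])['frame-ancestors'];
  const cspRestrictsFraming = Array.isArray(ancestors) && !ancestors.includes('*');
  if (xfo !== 'DENY' && xfo !== 'SAMEORIGIN' && !cspRestrictsFraming) {
    findings.push('framing-not-restricted');
  }
  // MIME sniffing: expect X-Content-Type-Options: nosniff.
  if ((h['x-content-type-options'] || '').toLowerCase() !== 'nosniff') {
    findings.push('mime-sniffing-allowed');
  }
  // Express sends X-Powered-By: Express unless it is disabled or removed.
  if ('x-powered-by' in h) findings.push('x-powered-by-disclosed');
  return findings;
}

// Constructed sample data: an Express app with no header middleware, one with
// the expected headers, and one relying on CSP frame-ancestors instead.
const bareExpress = { 'X-Powered-By': 'Express', 'Content-Type': 'text/html; charset=utf-8' };
const hardened = { 'X-Frame-Options': 'SAMEORIGIN', 'X-Content-Type-Options': 'nosniff' };
const cspOnly = {
  'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'",
  'X-Content-Type-Options': 'nosniff',
};

for (const sample of [bareExpress, hardened, cspOnly]) {
  console.log(auditSecurityHeaders(sample));
}
```

Run against real responses in an integration test, a check like this catches the case where the middleware is installed but registered after the routes it was meant to protect.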
